41. Spoofing makes it appear as if the packets have
come from a genuine IP address, where as in reality
they came from an unauthorized IP address.
42. Network Objects are defined as elements that
come into contact with the network. Only Network Objects,
that are used in the Rule Base, need to be defined in
FireWall-1.
43. The available Server Objects are:
UFP Server (URL Filtering Protocol Server):
Used in defining a URI Resource.
CVP Server (Content Vectoring Protocol Server):
Used to examine the contents of packets.
RADIUS Server: Used to provide authentication
service and is based on UDP.
TACACS: Also used to provide authentication
services and is based on TCP.
AXENT Defender: Used to provide authentication
services.
LDAP Account Units: This enables the Security
Manager to integrate an LDAP compliant user database
with FireWall-1 Authentication.
CA (Certificate Authority) Server: Used to provide
certificate authentication.
Policy Servier: A SecuRemote Server, with added
features.
OPSEC Servers:
UFP Server (URL Filtering Protocol Server):
Used in defining a URI Resource.
CVP Server (Content Vectoring Protocol Server):
Used to examine the contents of packets.
AMON (Application Monitoring): This service
enables network applications to report their status
to Check Point Management.
44. If a new Log File is created, the currently open (old)
Log File is closed and the is written to disk. The old Log File
will have a name that contains the current date and time. Also,
only one log file can be open at any given time in the Log Viewer.
45. The Log Viewer events can be viewed in any one one the
three modes:
Accouting
Active Connections
Security Log
46.1 There are four status conditions that a firewalled object
can be placed in the System Status GUI. These are:
Installed: VPN/FireWall-1 is installed on this object
and working properly.
Not installed: VPN/FireWall-1 Module is not installed
on this object.
Disconnected: VPN/FireWall-1 Module is installed but
not responding
Untrusted: The management server you logged into is
not the master of this object.
46.2 The following information is displayed in the System
Status for each firewalled object:
Policy name, and status of the policy
Time and date that the security policy was installed
on the firewalled object.
Packets accepted, packets dropped and packets logged.
Status update time and date
Identification information of the firewalled object
(Name, IP address).
Type of installed module. Here four options available:
VPN-1/FireWall
FloodGate-1
Compression
High Availability
47. The Log Viewer consists of three different modes:
1. Log Mode - Default log that shows all security related
events.
2. Active Mode - connections currently open.
3. Audit Mode - Shows the audit entries in the log viewer.
48. An external group is a user group, the members of which
are defined in an external LDAP directory server. An external
group can also be used in a Security Policy in the same manner
as that of a VPN-1/ FireWall-1 group.
49. CVP, Content Vectoring Protocol is used for content security.
50. There are two most commonly used FTPs. One is Active
FTP and the other Passive FTP. The difference between active
FTP and passive FTP is primarily on control and data ports used
between the FTP server and the FTP client. FireWall-1 supports
passive FTP.
51. The following steps uninstall a security policy:
Select Policy -> Uninstall from the Security Policy
GUI
Ensure that all items are selected (all are selected
by default)
Click OK.
52. SYNDefender is a Check Point proprietary application
that defends a corporate network from external denial-of-service
attacks.
53. Content Vectoring Protocol (CVP) uses port number 18181.
URI Filtering Protocol (UFP) uses port number 18182.
54. There are three ways that a User Database can be loaded
into the FireWall-1 modules:
Install the User Database by selecting Install Database
from the Policy menu.
Install the User Database by clicking on Install button
in the Users window.
You can also re-install the Security Policy (this includes
User Database) by selecting Install from the Policy menu.
